Claims 



1. In a cryptographic system having one of a plurality of states, an interactive method of
controlling the transition of said system from an existing state to a future state under control of 
one or more authorities, said method being performed by said cryptographic system and 
comprising the steps of: 

storing control information specifying permissible future states based on a current state 
and a requesting authority; 

receiving a query from an authority as to the current state of the cryptographic system; 

providing a reply to said authority in response to said query, said reply containing state 
information regarding the current state of said cryptographic system and reply authentication 
information for enabling said authority to determine whether said reply originated from said 
cryptographic system; 

receiving a request from an authority to change the current state of the cryptographic 
system, said request containing state change information indicating a proposed future state of said 
cryptographic system and request authentication information for enabling said cryptographic 
system to determine whether said request originated from said authority; 

determining using said request authentication information whether said request originated 
from said authority; and 

performing said request only if the request is determined to have originated from said 
authority and the proposed future state is a permissible future state as specified by said control 
information. 

2. The method of claim 1 in which said reply authentication information comprises a digital 
signature. 

3. The method of claim 2, further comprising the step of:

storing a private key in the cryptographic system, said private key being used for 
generating said digital signature. 



POU919970091US2 



4. The method of claim 1 in which said query includes a unique query value, said reply
authentication information being generated on said reply including said query value.

5. The method of claim 1, further comprising the step of:

storing a unique transaction value in the cryptographic system, a request from an authority
including a transaction value, a request being performed only if the transaction value in the
request is the same as the transaction value in the cryptographic system, said transaction value in
the cryptographic system being updated to a new unique value upon performance of a request.

6. The method of claim 5 in which said transaction value comprises a random part and a
sequential part, said sequential part being incremented upon performance of a request.

7. The method of claim 1 in which said request authentication information comprises a digital
signature.

8. The method of claim 7, further comprising the step of:

storing a public key for an authority, said request being authenticated by means of said
public key.

9. The method of claim 1 in which all or a portion of a proposed future state is stored in a
pending command register.

10. The method of claim 1 in which said cryptographic processor transitions from said existing
state to said future state through one or more intermediate states, said intermediate states being
represented at least in part as a series of single bits in a signature summary mask, each bit
representing the concurrence of an authority to continue the process of intermediate states toward
said future state.

11. A program storage device readable by a machine, tangibly embodying a program of
instructions executable by the machine to perform the method steps of claim 1.

12. In a cryptographic system having one of a plurality of states, apparatus for interactively
controlling the transition of said system from an existing state to a future state under control of
one or more authorities, said apparatus being associated with said cryptographic system and
comprising:

means for storing control information specifying permissible future states based on a
current state and a requesting authority;

means for receiving a query from an authority as to the current state of the cryptographic
system;

means for providing a reply to said authority in response to said query, said reply
containing state information regarding the current state of said cryptographic system and reply
authentication information for enabling said authority to determine whether said reply originated
from said cryptographic system;

means for receiving a request from an authority to change the current state of the
cryptographic system, said request containing state change information indicating a proposed
future state of said cryptographic system and request authentication information for enabling said
cryptographic system to determine whether said request originated from said authority;

means for determining using said request authentication information whether said request
originated from said authority; and

means for performing said request only if the request is determined to have originated
from said authority and the proposed future state is a permissible future state as specified by said
control information.

13. The apparatus of claim 12 in which said reply authentication information comprises a 
digital signature. 

14. The apparatus of claim 12 in which said query includes a unique query value, said reply
authentication information being generated on said reply including said query value.

15. The apparatus of claim 12, further comprising:

means for storing a unique transaction value in the cryptographic system, a request from 
an authority including a transaction value, a request being performed only if the transaction value 
in the request is the same as the transaction value in the cryptographic system, said transaction 
value in the cryptographic system being updated to a new unique value upon performance of a 
request. 

16. The apparatus of claim 15 in which said transaction value comprises a random part and a
sequential part, said sequential part being incremented upon performance of a request.

17. The apparatus of claim 12 in which said request authentication information comprises a 
digital signature. 

18. The apparatus of claim 12 in which all or a portion of a proposed future state is stored in a 
pending command register. 

19. The apparatus of claim 12 in which said cryptographic processor transitions from said
existing state to said future state through one or more intermediate states, said intermediate states 
being represented at least in part as a series of single bits in a signature summary mask, each bit 
representing the concurrence of an authority to continue the process of intermediate states toward 
said future state. 
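
A minimal model of the method of claims 1 and 4 to 6, added here as an illustration and not taken from the patent: an authenticated query and reply, followed by state-change requests that are performed only when authentic, current and permitted. HMAC-SHA256 with shared keys stands in for the digital signatures of claims 2 and 7, and the class, authority and state names are assumptions.

```python
import hashlib, hmac, secrets

def mac(key, *fields):
    # HMAC-SHA256 is a stand-in for the digital signatures of claims 2 and 7.
    return hmac.new(key, repr(fields).encode(), hashlib.sha256).digest()

class CryptoModule:  # hypothetical name
    def __init__(self, device_key, authority_keys, control, state):
        self.device_key = device_key          # authenticates replies
        self.authority_keys = authority_keys  # authority -> verification key
        self.control = control                # (state, authority) -> permissible future states
        self.state = state
        # Transaction value: random part plus sequential part (claim 6).
        self.rand, self.seq = secrets.token_hex(8), 0

    def query(self, query_value):
        # Reply binds state and transaction value to the unique query value (claim 4).
        reply = (self.state, self.rand, self.seq, query_value)
        return reply, mac(self.device_key, *reply)

    def request(self, authority, new_state, txn, tag):
        key = self.authority_keys.get(authority)
        expected = mac(key or b"", authority, new_state, *txn)
        if key is None or not hmac.compare_digest(tag, expected):
            return "rejected: authentication"
        if tuple(txn) != (self.rand, self.seq):
            return "rejected: transaction value"
        if new_state not in self.control.get((self.state, authority), ()):
            return "rejected: transition not permitted"
        self.state, self.seq = new_state, self.seq + 1  # perform, then advance
        return "performed"

def demo():
    # Constructed keys, authorities and states, for illustration only.
    kd, ka, kb = (secrets.token_bytes(32) for _ in range(3))
    control = {("INIT", "alice"): {"ENABLED"}, ("ENABLED", "bob"): {"INIT"}}
    m = CryptoModule(kd, {"alice": ka, "bob": kb}, control, "INIT")
    nonce = secrets.token_hex(8)
    reply, tag = m.query(nonce)
    reply_ok = hmac.compare_digest(tag, mac(kd, *reply)) and reply[3] == nonce
    txn = reply[1:3]
    good = mac(ka, "alice", "ENABLED", *txn)
    out = [m.request("alice", "ENABLED", txn, good),   # authentic and permitted
           m.request("alice", "ENABLED", txn, good)]   # replay of the same request
    txn2 = m.query(secrets.token_hex(8))[0][1:3]
    out.append(m.request("bob", "LOCKED", txn2, mac(kb, "bob", "LOCKED", *txn2)))
    out.append(m.request("bob", "INIT", txn2, mac(ka, "bob", "INIT", *txn2)))  # wrong key
    return reply_ok, out, m.state
```

The replayed request carries a valid tag but fails the transaction-value comparison, which is the replay protection claim 5 describes.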